Say you are creating a shared to-do list, and you want to allow only the owner of the list to make changes, but anyone can view:
Seems like it might be a lot of work for such a simple piece of functionality; however, what happens when you add role-based permissions as a new feature? If you already have this set up, it's as simple as adding " or hasRole('SuperUser')" to the SpEL, and exposing a minimal projection of the Authentication to the browser or Node app (which it probably already has access to.) Now the UI can always stay in sync with the server-side authorities.
This is now in a stable state and will be released as 0.2.0. The following features are tested and working:
- Primitive Literals
- Property references
- Compound expressions
- Method references
- Local variable reference ("#someVar")
- Ternary operators
- Safe navigation
- Complex literals
- Logical operators (and, or, not)
- hasRole() (if you use spel2js.StandardContext)
The following are not implemented yet because I'm not sure of the best approach:
- Qualified identifiers/Type references/Bean References
- hasPermission() for custom permission evaluators
There are a few AngularJS directives (I just need to put them on GH):
If someone wants to implement a REST-compliant way in Spring to expose the permissions (and maybe the custom PermissionEvaluators) that would be awesome.
bower install spel2js
npm install spel2js
- download the zip
All tasks can be run by simply running
grunt or with the
npm test command, or individually:
grunt lintwill lint source code for syntax errors and anti-patterns.
grunt testwill run the jasmine unit tests against the source code.
Credit is given to all of the original authors of the Java SpEL implementation at the time of this library's creation:
- Andy Clement
- Juergen Hoeller
- Giovanni Dall'Oglio Risso
- Sam Brannen
- Mark Fisher
- Oliver Becker
- Clark Duplichien
- Phillip Webb
- Stephane Nicoll
- Ivo Smid
This repository was scaffolded with generator-microjs.
Since this was ported from the Spring Framework, this library is under version 2.0 of the Apache License.